I'm working on a project of a very small scale where monitoring is important. I'm biased to just stick with text files and SSH rather than log software (such as ELK stack or Grafana Loki), so as to not have to learn/install/maintain a heavy tool for my toy needs. I'm also biased towards JSON as a format because I learned programming too late in life to be a Unixy regexy text wizard, though I admire people of that ilk from afar.
For improvised analysis, I'm using jq on the terminal. For less flexible human-readable text summaries, I wrote a Deno script. Ergonomically, jq on the terminal feels lacking. Whoever made jq is doing God's work, to be clear, but I could possibly use a more intuitive language (with an emphasis on more tersely expressing groupings/filters). And independently of using jq or not, the terminal is slow and ephemeral: I would love something sort of like the Acme text editor (where you can build yourself an interface on the fly with text), but without the three-button mouse dependency. Right now I just keep a cheatsheet of jq commands that have been useful. I've been daydreaming about making a local webapp to fulfill this need (that just eval()s Javascript, since it would only ever be local).
See for example something like: https://blog.ruanbekker.com/blog/2020/08/13/getting-started-...
You can run a couple of docker containers (loki + grafana), import the data you need (a bit of promtail config). That's not saving anything inside of that stack, you'll want to save your work in Grafana, but for loki maybe you don't need to save much, just import what you need via promtail.
Obviously I don't know if the output is default JSON and not a traditional log file output, that is transformed into JSON.
If your learning jq on the terminal awk is really easy.